﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;

namespace GBFinance.Web.Models
{
    public class ManageAuthorizeAttribute : AuthorizeAttribute
    {
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            bool isAllowed = false;

            bool isAuthenticated = filterContext.HttpContext.User.Identity.IsAuthenticated;
            if (isAuthenticated == true)
            {
                isAllowed = true;
                //if (filterContext.HttpContext.User.Identity.Name == "admin")
                //{
                //    isAllowed = true;
                //}
            }

            //var controller = filterContext.RouteData.Values["controller"].ToString();
            //var action = filterContext.RouteData.Values["action"].ToString();

            if (isAllowed == false)
            {
                FormsAuthentication.RedirectToLoginPage();
                ////UrlHelper url = new UrlHelper(filterContext.RequestContext);
                //string loginUrl = FormsAuthentication.LoginUrl;
                //filterContext.RequestContext.HttpContext.Response.Redirect(loginUrl);
                
                //string information = string.Format("匿名用户无权访问，<a href='{0}'>请先登录</a>", url.Action("Index", "Account"));
                //filterContext.RequestContext.HttpContext.Response.Write(information);
                //filterContext.RequestContext.HttpContext.Response.End();
            }

        }
    }
}